Elefant CMS version v1.1.3 beta suffers from a cross-site scripting (XSS) and SQL Injection vulnerabilities:
1. XSS: Input passed via the "title" and "body" GET parameters to "/admin/preview" ("apps/admin/handlers/preview.php" script) is not properly sanitised before being returned to the user.
2. SQL Injection: Input passed via the "offset" GET parameter to "/admin/pages", "/admin/versions", "/user/admin", "/blocks/admin", "/blog/admin" ("lib/Model.php" script) is not properly sanitised before being used in SQL query.
Vulnerability ID: HTB23076
Vendor Notification / Vendor Patch / Public Disclosure Dates: 22 February / 22 February / 14 March
Vulnerabilities Type: Cross Site Scripting (XSS), SQL Injection
Solution Status: Fixed by Vendor
Risk level: Medium
Solution: Upgrade to the latest version
No comments:
Post a Comment